package cn.com.css.taxInspection.common.shiro;

import java.util.LinkedHashMap;
import java.util.Map;

import javax.annotation.Resource;
import javax.servlet.Filter;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import cn.com.css.taxInspection.common.config.FileUploadProperties;

/**
 * ShiroConfig
 *
 * @author wenbin
 * @version V1.0
 * @date 2020年3月18日
 */
@Configuration
@EnableConfigurationProperties(FileUploadProperties.class)
public class ShiroConfig {

	@Resource
	private FileUploadProperties fileUploadProperties;

	@Bean(name = "shiroDialect")
	public ShiroDialect shiroDialect() {
		return new ShiroDialect();
	}

	@Bean
	public CustomHashedCredentialsMatcher customHashedCredentialsMatcher() {
		return new CustomHashedCredentialsMatcher();
	}

	/**
	 * 创建realm
	 */
	@Bean
	public CustomRealm customRealm() {
		CustomRealm customRealm = new CustomRealm();
		customRealm.setCredentialsMatcher(customHashedCredentialsMatcher());
		return customRealm;
	}

	@Bean
	public SecurityManager securityManager() {

		DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
		// 关联realm
		securityManager.setRealm(customRealm());
		return securityManager;
	}

	@Bean
	public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {

		// 整个shiro执行过程： 过滤器、认证、授权

		ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
		// 设置安全管理器
		shiroFilterFactoryBean.setSecurityManager(securityManager);
		LinkedHashMap<String, Filter> filtersMap = new LinkedHashMap<>();
		// 用来校验token
		filtersMap.put("token", new CustomAccessControlFilter());
		shiroFilterFactoryBean.setFilters(filtersMap);
		Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

		
		
		
		
		
		

		filterChainDefinitionMap.put("/sysFiles/upload", "anon");
		filterChainDefinitionMap.put("/sys/getXxtx", "anon");
		filterChainDefinitionMap.put("/sys/getMp3Sy", "anon");
		filterChainDefinitionMap.put("/sys/getJinBaZhouQingkuangshuju", "anon");
		// 参数表
		filterChainDefinitionMap.put("/sys/parameter/info", "anon");
		
		// 配置不会被拦截的链接 顺序判断
		//第三方接口地址先放开后续在进行拦截认证

		filterChainDefinitionMap.put("/attention/specialCaseManagement/importByajbh", "anon");
		filterChainDefinitionMap.put("/attention/backlogCaseManagement/importByajbh", "anon");
		filterChainDefinitionMap.put("/attention/jaajxxYjqlsj/importByajbhYjqlsj", "anon");
		filterChainDefinitionMap.put("/attention/jaajxxJaxcyy/importByajbhJaxcyy", "anon");
		filterChainDefinitionMap.put("/attention/jaajxxJadqhb/importByajbhJadqhb", "anon");
		filterChainDefinitionMap.put("/thirdparty/dataVisualization/getInspectionData", "anon");
		filterChainDefinitionMap.put("/sys/user/login", "anon");
		
		filterChainDefinitionMap.put("/sys/user/ssologin", "anon");
		
		filterChainDefinitionMap.put("/sys/user/token", "anon");
		filterChainDefinitionMap.put("/sys/getVerify", "anon");
		filterChainDefinitionMap.put("/sys/getPhoneCaptcha", "anon");
		filterChainDefinitionMap.put("/sys/user/forgetPwd", "anon");
		filterChainDefinitionMap.put("/sys/user/enterpriseRegister", "anon");
		filterChainDefinitionMap.put("/sys/user/userUnlock", "anon");

		filterChainDefinitionMap.put("/sys/checkVerify", "anon");
		filterChainDefinitionMap.put("/index/**", "anon");
		filterChainDefinitionMap.put("*.html", "anon");
		filterChainDefinitionMap.put("/static/**", "anon");
		filterChainDefinitionMap.put("/doc.html", "anon");
		filterChainDefinitionMap.put("/swagger-resources/**", "anon");
		filterChainDefinitionMap.put("/v2/api-docs", "anon");
		filterChainDefinitionMap.put("/v2/api-docs-ext", "anon");
		filterChainDefinitionMap.put("/webjars/**", "anon");
		// filterChainDefinitionMap.put("/druid/**", "anon");
		filterChainDefinitionMap.put("/favicon.ico", "anon");
		filterChainDefinitionMap.put("/captcha.jpg", "anon");
		filterChainDefinitionMap.put("/csrf", "anon");

		filterChainDefinitionMap.put("/website/**", "anon");
		filterChainDefinitionMap.put("/bosweb/**", "anon");
		filterChainDefinitionMap.put("/mui-h5/**", "anon");
		
		// 文件上传可直接访问		
		filterChainDefinitionMap.put(fileUploadProperties.getAccessUrl(), "anon");
		filterChainDefinitionMap.put("/images/**", "anon");
		filterChainDefinitionMap.put("/js/**", "anon");
		filterChainDefinitionMap.put("/layui/**", "anon");
		filterChainDefinitionMap.put("/newmain/**", "anon");
		filterChainDefinitionMap.put("/jiannew/**", "anon");
		filterChainDefinitionMap.put("/zbxa/**", "anon");
		filterChainDefinitionMap.put("/layuim/**", "anon");  // 👈 你新建的目录


		filterChainDefinitionMap.put("/css/**", "anon");
		filterChainDefinitionMap.put("/treetable-lay/**", "anon");
		filterChainDefinitionMap.put("/layui-ext/**", "anon");
		filterChainDefinitionMap.put("/cron/**", "anon");
		filterChainDefinitionMap.put("/**", "token,authc");

		shiroFilterFactoryBean.setLoginUrl("/index/login");
		shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
		return shiroFilterFactoryBean;
	}

	/**
	 * 开启shiro aop注解支持. 使用代理方式;所以需要开启代码支持;
	 *
	 * @return org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor
	 */
	@Bean
	public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
		AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
		authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
		return authorizationAttributeSourceAdvisor;
	}


}
